package com.aaa.springsecurity04.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller//requestController:表示或等同于controller+responsebody
public class UserController {

    @GetMapping("/user/query")
    @ResponseBody
    @PreAuthorize(value = "hasAnyAuthority('/user/query')")
    public String query(){
        return "user::query";
    }

    @GetMapping("/user/delete")
    @ResponseBody
    @PreAuthorize(value = "hasAnyAuthority('/user/delete')")
    public String delete(){
        return "user::delete";
    }

    @GetMapping("/user/update")
    @ResponseBody
    @PreAuthorize(value = "hasAnyAuthority('/user/update')")
    public String update(){
        return "user::update";
    }

    @GetMapping("/user/insert")
    @ResponseBody
    @PreAuthorize(value = "hasAnyAuthority('/user/insert')")
    public String insert(){
        return "user::insert";
    }

    @GetMapping("/user/export")
    @ResponseBody
    @PreAuthorize(value = "hasAnyAuthority('/user/export')")
    public String export(){
        return "user::export";
    }
}
